Moat is a high-performance reverse proxy and firewall built with Rust, featuring:
XDP-based packet filtering for ultra-low latency protection at kernel level
Dynamic access rules with automatic updates from Arxignis API
BPF statistics collection for packet processing and dropped IP monitoring
TCP fingerprinting for behavioral analysis and threat detection
TLS fingerprinting with JA4 support for client identification
JA4+ fingerprinting with complete suite: JA4H (HTTP headers), JA4T (TCP options), JA4L (latency), JA4S (TLS server), and JA4X (X.509 certificates)
Automatic TLS certificate management with ACME/Let's Encrypt integration
Threat intelligence integration with Arxignis API for real-time protection
CAPTCHA protection with support for hCaptcha, reCAPTCHA, and Cloudflare Turnstile
Content scanning with ClamAV integration for malware detection
PROXY protocol support for preserving client IP addresses through load balancers
Health check endpoints for monitoring and load balancer integration
Redis-backed caching for certificates, threat intelligence, and validation results
Domain filtering with whitelist support
Wirefilter expressions for advanced request filtering
Unified event queue with batched processing for logs, statistics, and events
Flexible configuration via YAML files, command line arguments, or environment variables
Hi community!
Moat is a high-performance reverse proxy and firewall built with Rust, featuring:
XDP-based packet filtering for ultra-low latency protection at kernel level Dynamic access rules with automatic updates from Arxignis API BPF statistics collection for packet processing and dropped IP monitoring TCP fingerprinting for behavioral analysis and threat detection TLS fingerprinting with JA4 support for client identification JA4+ fingerprinting with complete suite: JA4H (HTTP headers), JA4T (TCP options), JA4L (latency), JA4S (TLS server), and JA4X (X.509 certificates) Automatic TLS certificate management with ACME/Let's Encrypt integration Threat intelligence integration with Arxignis API for real-time protection CAPTCHA protection with support for hCaptcha, reCAPTCHA, and Cloudflare Turnstile Content scanning with ClamAV integration for malware detection PROXY protocol support for preserving client IP addresses through load balancers Health check endpoints for monitoring and load balancer integration Redis-backed caching for certificates, threat intelligence, and validation results Domain filtering with whitelist support Wirefilter expressions for advanced request filtering Unified event queue with batched processing for logs, statistics, and events Flexible configuration via YAML files, command line arguments, or environment variables